Merge pull request #132 from TechnologyEnhancedLearning/Develop/Fixes/Td-3731-Password-Change-Does-Not-Invalidate-Current-Session

TD-3731: Password Change Does Not Invalidate Current Session

Author: swapnamol-abraham

Auth/LearningHub.Nhs.Auth/Configuration/WebSettings.cs

@@ -56,5 +56,10 @@ public class WebSettings
         /// Gets or sets the SupportFeedbackForm.
         /// </summary>
         public string SupportFeedbackForm { get; set; }
+
+        /// <summary>
+        /// Gets or sets a value indicating whether IsPasswordUpdate.
+        /// </summary>
+        public bool IsPasswordUpdate { get; set; }
   }
 }

Auth/LearningHub.Nhs.Auth/Controllers/AccountController.cs

@@ -20,15 +20,11 @@
     using LearningHub.Nhs.Auth.Models.Account;
     using LearningHub.Nhs.Caching;
     using LearningHub.Nhs.Models.Common;
-    using LearningHub.Nhs.Models.Entities.Reporting;
     using Microsoft.AspNetCore.Authentication;
     using Microsoft.AspNetCore.Authorization;
-    using Microsoft.AspNetCore.Http;
     using Microsoft.AspNetCore.Mvc;
-    using Microsoft.Extensions.Configuration;
     using Microsoft.Extensions.Logging;
     using Microsoft.Extensions.Options;
-    using NHSUKViewComponents.Web.ViewModels;
 
     /// <summary>
     /// Account Controller operations.
@@ -72,7 +68,7 @@ public AccountController(
             this.authConfig = authConfig?.Value;
             this.webSettings = webSettings;
             this.logger = logger;
-    }
+        }
 
         /// <summary>
         /// Shows the Login page.
@@ -214,9 +210,9 @@ await this.UserService.AddLogonToUserHistory(
                 this.ModelState.AddModelError(string.Empty, loginResult.ErrorMessage);
             }
 
-             showFormWithError:
+showFormWithError:
 
-            // something went wrong, show form with error
+// something went wrong, show form with error
             var vm = await this.BuildLoginViewModelAsync(model);
             if ((vm.ClientId == "learninghubwebclient") || (vm.ClientId == "learninghubadmin"))
             {
@@ -268,6 +264,9 @@ public async Task<IActionResult> Logout(LogoutInputModel model)
                 // delete local authentication cookie
                 await this.HttpContext.SignOutAsync();
 
+                // Delete the authentication cookie to ensure it is invalidated
+                this.HttpContext.Response.Cookies.Delete(".AspNetCore.Identity.Application");
+
                 // raise the logout event
                 await this.Events.RaiseAsync(new UserLogoutSuccessEvent(this.User.GetSubjectId(), this.User.GetDisplayName()));
 
@@ -296,7 +295,15 @@ public async Task<IActionResult> Logout(LogoutInputModel model)
                 return this.SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme);
             }
 
-            return this.View("LoggedOut", vm);
+            if (this.webSettings.IsPasswordUpdate)
+            {
+                var redirectUri = $"{this.webSettings.LearningHubWebClient}Home/ChangePasswordAcknowledgement";
+                return this.Redirect(redirectUri);
+            }
+            else
+            {
+                return this.View("LoggedOut", vm);
+            }
         }
 
         /// <summary>

Auth/LearningHub.Nhs.Auth/Controllers/HomeController.cs

@@ -80,6 +80,27 @@ public async Task<IActionResult> Error()
             return this.View("Error");
         }
 
+        /// <summary>
+        /// IsPasswordUpdateMethod.
+        /// </summary>
+        /// <param name="isLogout">The Logout.</param>
+        /// <returns>The <see cref="ActionResult"/>.</returns>
+        [HttpGet]
+        public IActionResult SetIsPasswordUpdate(bool isLogout)
+        {
+            if (isLogout)
+            {
+                this.webSettings.IsPasswordUpdate = false;
+            }
+            else
+            {
+                this.webSettings.IsPasswordUpdate = true;
+            }
+
+            var redirectUri = $"{this.webSettings.LearningHubWebClient}Home/UserLogout";
+            return this.Redirect(redirectUri);
+        }
+
         /// <summary>
         /// Shows the HealthCheck response.
         /// </summary>

Auth/LearningHub.Nhs.Auth/appsettings.json

@@ -39,9 +39,8 @@
     "ElfhHub": "",
     "Rcr": "",
     "SupportForm": "https://support.learninghub.nhs.uk/support/tickets/new",
-    "SupportFeedbackForm": "https://forms.office.com/e/C8tteweEhG"
-
-
+    "SupportFeedbackForm": "https://forms.office.com/e/C8tteweEhG",
+    "IsPasswordUpdate": "false"
   },
   "AllowOpenAthensDebug": false,
   "OaLhClients": {